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(57) Abstract: The invention includes a method for authen- 
ticating a sender of an email. The method examines items of 
the transmission information of the email, i.e. the items lo- 
cated in 'Received* fields are examined starting from an item of 
transmission information that is entered in the email by a server 
preceding the server that received the email. The transmission 
information ('Received* fields) is examined until either an un- 
reliable item of the transmission information is found or the all 
items of the transmission information are handled by a so-called 
"Reverse IP verification" method. When the all items of the 
transmission information are handled, the item of the transmis- 
sion information that is at first entered in the email is examined 
in a check. In this check a domain name obtained in 'Reverse 
IP verification* method is compared to a domain name included 
in the sender information of the email. If the domain names 
correspond to each other, the sender of the email has been suc- 
cessfully authenticated. In addition, the invention includes an 
email server utilizing the method. 
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Method and server for authenticating sender of email and notifying 
exchange information of email 

Field of the invention 

5 The invention relates generally to the security of electronic mail 

(email) and especially to the possibilities by which the recipient of an email 
can ensure that the sender information entered in the email is reliable. 

Background of the invention 

10 The Internet comprises a number of servers, routers, and other so- 

called nodes and communication links connecting the nodes. Typically, 
emails pass through multiple Internet nodes from a sender to a recipient. 
When sending an email the sender doesn't usually know through which 
nodes the email will pass. Each node through which the email passes may 

1 5 take a copy for itself or the node may forward the message or the copy of it to 
another node. For this reason, unencrypted email is considered to be a 
comparatively insecure communication method. 

A recipient of a conventional email cannot surely know whether 
the sender entered in an email is really sent the email or is the sender 
20 someone else. 

Email is usually transmitted through the Internet by using a 
protocol termed SMTP (Simple Mail Transfer Protocol) that is specified in the 
IETF (Internet Engineering Task Force) specification: RFC822. In addition, 
the SMTP protocol has been developed with an extension (RFC3207) 
25 concerning so-called SSMTP (Secure SMTP) by means of which a sending 
server and a receiving server can communicate each other in a secured way. 

In the following it is described a traditional way according to the, 
SMTP protocol for handling an email when the email is sent from server A to 
server B: 

30 (A=sending server, B=receiving server) 

1) B> 220 ESMTP ready 

2) A> helo smtp.domain.tld 

3) B> 220 Hello. 

4) A> MAIL From:< sender@domain.tld > 
35 5) B> 220 sender ok 
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6) A> RCPT TO:< recipient@domain.tld > 

7) B> 220 recipient ok 

8) A> DATA 

9) B> 220 Enter data followed by <CR><LF>.<CR><LF> 
5 10) A> From: senderf5>domain.tld 

1 1) A> To: recipient(S>domain.tld 

12) A> Subject: Message Subject 

13) A> 

14) A> The actual message 
10 15) A>. 

16) B> 250 Ok 

17) A>QUIT 
18)_B>220Bye._ 

15 Before, in Phases 1-3, servers A and B perform a handshaking. 

In Phases 4-7, the routing information of the email is transmitted. 
The routing information determines a recipient of the email. So-called return 
address is determined in the routing information for a situation in which the 
email cannot be delivered. 
20 In Phases 8-16 the email is transmitted from one server to 

another. Phases 8 and 9 prepare the transmission. 

In Phases 10-12 the header information which is separated from 
the actual message with a blanc line (Phase 13) is transmitted. 

In Phase 14 the actual message, i.e. the text and possible 
25 attachment files, are transmitted. The server A sends a line including a dot 
(.) and a line feed (Phase 15). After Phase 15 the receiving server B usually 
stores the message in its disk. 

In Phase 16 server B sends an acknowledgement that the 
message has been received. Servers A and B terminate the connection 
30 (Phases 17 and 18). Hereafter the sending server A usually removes the 
email from its disk. 

Thus, the previous example describes the operation of two servers 
(A and B). The servers transmitting the email may be parts of a long chain. 
Therefore the transmission of the email through this chain comprises a 
35 number of times Phases 1-18. In the following a server can be also be 
termed "a router". 
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"Chaining* of the routers/servers that transmit email causes a 
transmission delay, because a following router in the chain cannot transmit 
an email until when the previous router has transmitted the email as a whole. 
In addition, the email is frequently stored in each router on the disk of the 
5 router, which increases the transmission delay. 

It is possible to transmit the email so that a server belonging to the 
chain contacts a following server of the chain immediately when it has 
adequate items of information for the email transmission. 

In the above example server B has the adequate information after 
10 Phase 8 in order that it can contact the following server (server C). Then the 
message transmission through the chain of routers (A, B, C) will be 
accelerated, because the following router (router C) is able to transmit the 
message simultaneously when the previous router (server B) is still receiving 
the end part of the message from the first router of the chain (server A). This 
15 type of transmission for email is termed a "transparent message 
transmission". The transparent message transmission includes a benefit that 
the first router (server A) obtains an item of information from the last router 
(server C) immediately when the message is transmitted to its recipient. In 
addition, the transparent message transmission reduces the risk of losing a 
20 message when a server which is located in the middle of the chain (server S) 
is broken during the message transmission. 

Generally speaking, the routers may be physical routers or virtual 
routers. A number of virtual routers can be placed inside one physical router. 

FIG. 1 shows a server that includes virtual routers. A server 101 
25 receives a message 102 in accordance with a protocol (SMTP) and transmits 
the message 102 forward. The server 101 includes four routers which are 
termed: an email firewall 103, a security proxy 104, a content filter 105, and 
an SMTP back-end 106. Arrows drawn between the routers 103-106 
describe how the message 102 moves inside the server 101 from a router to 
30 another. If the traditional transmission method is used, each router 103-106 
stores the message 102 on a disk of the server 101. If the transparent 
message transmission is used instead of the traditional transmission method 
the message 102 is not stored on the disk, but the router 103-105 
immediately forwards the message 102 and don't send an acknowledgement 
35 of the message reception before the following router 104-106 sends the 
acknowledgement of the message reception. 
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An open-source software Amavisd which is downloadable in the 
Internet implements the transparent routing inside a server. 

The transparent routing between servers is related to challenges, 
because an SMTP email (message) may have a number of recipients and 
5 the email addressed to them maybe routed via different servers. Then a 
router obeying the transparent message transmission needs to divide the 
transmission of the email to number of servers, which complicates the 
management of the transmission. Thus, the transparent message 
transmission operates best in the reception of the email, i.e. in the last server 
10 of "the chain" or in the virtual servers placed inside a server. 

The following authentication problem is related to the prior art: 
everyone can send with whatever sender address email via the Internet. In 
addition, complicated transmission chains make more difficult to find out the 
real origin of the email, because each physical server, and many times also 
15 virtual servers included in servers, make their own notations to headers of 
the emails. An unreliable server may make additional notations to the header 
and this way try to conceal the real origin of the email. 

One solution to the authentication problem is to use digital signing 
in emails. However, only few senders and recipients of emails use it. Digital 
20 signing requires software installations at the terminals of the senders and the 
recipients. A sender signs his/hers message by means of the software and 
the recipient checks whether the signature attached to the message is unique 
or not. 

Another solution which is more developed than the previous one is 
25 to use a specific server for creating digital signatures and for checking them. 
Then the origin of emails can be checked, for example, at the organization 
level. 

Certain methods have been developed to authenticate a server 
transmitting an email. 
30 'Reverse IP verification' is a known method for authenticating the 

server which has sent/transmitted the email. In the following the function of 
the 'Reverse IP verification' method is described. 

Let us assume that the name of a receiving server is 'domain-b' 
and the IP address of a sending server is 123.45.67.89. Then the receiving 
35 server 'Domain-b' makes the following notation to the transmission 
information: 
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Received: from smtp. domain. tld (smtp. domain. tld [123.45.67.89]) 
by smtp.domain-b.tld with ESMTP 

5 In the first phase of the 'Reverse IP verification' method the 

receiving server performs a DNS query in which the server, i.e. 'Domain-b', 
requests from the domain name server (DNS) the domain name 
corresponding to the above-mentioned IP address: 

10 dig @dns-server1 PTR 89.67.45.1 23.in-addr.arpa 

As response to the DNS query the DSN (dns-server1 ) returns, for 
example, the following reply: 



15 89.67.45.1 23.in-addr.arpa PTR smtp. domain Aid 

The reply of the DNS discloses that the IP address 123.45.67.89 
corresponds to a fully-qualified domain name 'Domain*. 

In the second phase of the 'Reverse IP verification' method it is 
20 find out the fully-qualified domain name that corresponds to the IP address 
123.45.67.89. Then 'Domain-b' server uses another DNS server (dns- 
server2) as shown in the following DNS query: 

dig @dns-server2 A smtp.domain.tld. 

25 

As response to the DNS query the DNS (dns-server2) returns, for 
example, the following reply: 

smtp.domain.tld. A 123.45.67.89 

30 

Finally, 'Domain-b' server compares the IP address 123.45.67.89 
entered in the Received field to the IP address 123.45.67.89 obtained in the 
second phase of the 'Reverse IP verification' method. In this example the IP 
addresses are the same, i.e. the message is sent from the server whose 
35 domain name is 'Domain' and whose IP address is 123.45.67.89. 
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'Reverse IP verification' method is generally known in many router 
applications, for example, 'Postfix' ( www.DOStfix.orQ ) uses it. 

Let us assume as in the above example that the domain name 
'Domain' and the IP address 123.45.67.89 correspond to each other. Then 
5 'Domain-b' server enters to the message header the domain name 'Domain' 
in parentheses and the IP address 123.45.67.89 in brackets. 

Let us assume that 'Domain-b' server forwards the received 
message, for example, to 'Domain-c' server. 

In addition, let us assume that the fully-qualified domain name of 
10 'Domain-b' server is 'smtp.domain-b.tld' and the IP address of 'Domain-b' 
server is 234.56.78.90. Then 'Domain-c' server enters in the message 
header the following item of information: 

Received: from smtp.domain-b.tld (smtp.domain-b.tld 
15 [234.56.78.90]) 

by smtp.domain-c.tld with ESMTP 

wherein ESMTP is an acronym from the words "Enhanced Simple 
Mail Transport Protocol". 
20 After this the message includes the following transmission 

information: 

Received: from smtp.domain-b.tld (smtp.domain-b.tld 
[234.56.78.90]) 
25 by smtp.domain-c.tld with ESMTP 

Received: from smtp.domain.tld (smtp.domain.tld [123.45.67.89]) 
by smtp.domain-b.tld with ESMTP 

For example, 'Postfix' router application enters in the transmission 
30 information as described above. 

In addition to the 'Reverse IP verification' method there are other 
known methods by which it is find out the trustworthiness of the servers 
participating in sending or transmitting of a message. One of these messages 
uses a list that includes the IP addresses of trusted servers. If the IP address 
35 of a transmitting server is found in the list, the transmitting server is 
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considered to be reliable (enough). If the transmitting server is not found in 
the list of trusted servers, the server is considered to be unreliable. 

The other known methods for authenticating a transmitting server 
are SPF (Sender Policy Framework) and Microsoft Sender ID. In these 
5 methods any organization sending email publishes in a domain name service 
an item of information that discloses from which email server the emails 
related to the domain name are sent. By means of the SPF or 'Microsoft 
Sender ID' method, for example, the following targets can be defined as 
certified email servers: a) a single IP address, b) all IP addresses that are 

10 related to a domain name, and/or c) so-called "MX servers" related to the 
domain name. So-called 'Best guess 1 method is an extension to the SPF 
method. In 'Best guess' method it possible to assume that the all IP 
addresses and/or the all MX servers of the domain name are reliable, 
although the organization sending the email is not published any DNS 

15 information according to the method. 

It is also known that the server can enter an identifier in the header 
of an email so that the sender of the email can be identified by means of the 
identifier. 

It is also known that the correctness of the sender information of 
20 the email is ensured by sending a so-called check message to the sender of 
the email. This type of methods based on use of a check message are 
described, for example, in the US patents 6,393,465 and 6,368,498. A 
weakness of these methods is an additional diligence which they cause to a 
sender, because the sender needs to handle the check message/messages 
25 related to his/hers email. 

Another problem related to the prior art is how to express the 
transmission method of email. 

One way to express the transmission method of email is used in 
UNIX mail servers. In this mode of expression the sender information of a 
30 message is changed when the message arrives from the Internet to an 
organization so that the recipient (an end user) of the message is able to 
separate the messages coming inside the organization from the messages 
coming from the Internet. The sender information is changed so that in the 
start of it is placed, for example, a notation 'EXT'. Then the sender 
35 information of the message looks like this, for example: 

EXT Matti Virtanen matti. virtanen^konsemLtld 
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A corresponding notation can also be entered in the subject field 
of the message. 

A third problem related to the prior art technique is that the 
technique requires additional actions for a sending organization. If the 
5 sending organization doesn't have any authentication method in use, the 
sending server cannot be authenticated, except when using 'Best guess' 
method within the SPF method. However, 'Best guess' method is a quite 
unreliable way to authenticate a sender of an email, because the email may 
be received though a very complicated transmission chain. 

10 A third problem related to the prior art concerns the above- 

mentioned SPF method. The problem appears in a situation in which a 
message is sent outside of an organization and a server used by the 
organization is defined to transmit the message to a recipient located outside 
of the organization. If the recipient uses the SPF method, the SPF method 

15 results in that the origin entered in the message is wrong, because on the 
basis of its 'envelope from' address the message should come from another 
server than the server outside of the organization to which the message was 
transmitted to the recipient. 

Summary of the invention 

The main objective of the invention is to solve the above- 
mentioned problems related to the prior art. 

An email transmitted though the Internet may pass via a number of 
servers/routers to a recipient, whereat the email typically includes the 
transmission information entered by each server participated in the 
transmission of the email. 

The invention comprises a method for authenticating a sender of 
an email, the email including transmission information written by at least one 
server (router). The method in accordance with the invention utilizes the 
above-described 'Reverse IP verification' method. In more detail, the 
transmission information is examined by means of 'Reverse IP verification' 
method, i.e. the information of 'Received' field is examined starting from the 
transmission information which a server preceding the server that received 
the email has entered in the email. The transmission information ('Received' 
fields) is passed through until an unreliable item of the transmission 
information is found or the all items of the transmission information are 
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handled by the 'Reverse IP verification' method. In the last case it is 
performed a check addressed to an item of the transmission information 
which is first entered in the email. In this check the fully-qualified domain 
name obtained by 'Reverse IP verification' method is compared to the 
5 domain name included in the sender information of the email. If the domain 
names correspond to each other the sender of the email is authenticated. If 
needed, the examination performed by the method can be accomplished with 
1-4 additional checks. 

In addition to the method, the invention comprises a server which 
10 is equipped with the checking means and sends and/or transmits emails. 

Brief description of the drawings 

The invention is described more closely with reference to the 
accompanying drawings, in which 

15 

Figure 1 shows a server that includes virtual routers, 
Figure 2A shows an operation principle of the method, 
Figure 2B shows the examination steps performed in the method, 
Figure 3 shows editing a list to be used in the examination, 
20 Figure 4A shows an additional examination step in which the start of a 

domain name is evaluated by a heuristic method, 
Figure 4B shows another additional examination step in which the domain 

name is searched in the list of captured servers, 
Figure 4C shows another additional examination step in which MX 
25 information is utilized, 

Figure 4D shows another additional examination step in which a RIPE 

database is utilized, 
Figure 5 shows a server in accordance with the invention. 

30 Detailed description of the invention 

The method is thus related to authenticating a sender of an email. 
The authentication of a sender means generally that the sender entered in 
the email is the actual sender of the email. In other words, the sender of the 
email can sufficiently enough to trust that the -email is from the sender 
35 entered in the 'From' field. 
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The authentication of the server also includes checking the 
correctness of the transmission information. These items of the transmission 
information disclose the servers through which the email has passed from the 
original sender to the recipient 
5 Method is also related to how the transmission manner of the 

email can be disclosed in the header of the email in a better way than 
nowadays. The method replaces the items included in the header of the 
email with checked items of the information on the basis of which it is 
possible to estimate the trustworthiness of the origin of the email. In more 

1 0 detail, the email application or another application makes a notation in the 
address field of the original sender on the basis of which the end user knows 
that the origin of the email has not been successfully verified. The notation 
made in the address field may include, for example, three questions marks 
[???] placed in the brackets. 

15 In addition, the possible encryption can be disclosed to the end 

user with a certain notation placed in the address field of the sender. For 
example, the notation indicating the use of encryption may be \S\ 

In order to save time of end users, the application operating 
according to the method can be implemented so that the application 

20 classifies the received emails to two different folders on the basis of the 
trustworthiness of the origin of the emails. 

It is known in the prior art that an email server writes the text 
"unknown" in the header of an email and it writes the IP address of the email 
in brackets, if the 'Reverse IP verification' method discloses that the fully- 

25 qualified domain name and the IP address of the email don't correspond to 
each other. 

It is essential from the point of view of the invention which checks 
are performed for an email and when the email is determined to be correct. 

Let us assume that the transmission information included in the 
30 email is the following: 



Received: from smtp.domain-b.tld ismtp.domain-b.tld 
[234.56.78.90]) 

by smtp.domain-c.tld with ESMTP 
35 Received: from smtp.domain.tld (smtp.domain.tld [123.45.G7.89]) 

by smtp.domain-b.tld with ESMTP 
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Let us also assume that the sender information of the email Is: 

From: maW.meikalainen@domain.com 

5 Lets us describe the operation of the method by means of the 

following example. The transmission information and the sender information 
shown above are examined as follows. 

1) The last item of the transmission information is 
10 read, i.e. a notation of 'Received' field is read by a server 

preceding the server which received the email and made the 
notation. 

2) Extracting the IP address from the item of the 
transmission information, for example, the IP address 34.56.78.90. 

15 3) Checking whether the IP address obtained in Step 

2 is found on the list of reliable servers. 

4) If it is not found, the IP address is written in the 

list. 

5) If it is found, Steps 2-4 are performed for the next 
20 item of the transmission information. If the read item of the 

transmission information is the first item written in the email, the 
next step is Step 6. 

6) Reading the IP address from the list. 

7) Finding out the fully-qualified domain name by 
25 means of a DNS search ('smtp.domain.tld', in this example). 

8) Finding out the IP address corresponding to the 
fully-qualified domain name by means of a DNS search 
(34.56.78.90, in this example). 

9) If the IP address read from the list and the IP 
30 address returned by the DNS search are the same, Steps «-8 are 

performed for the next item entered in the list. If the read IP 
address is the last one in the list, the next step is Step 10. 

10) Separating from the fully-qualified domain name 
corresponding to the IP address the end part of the domain name 

35 ( , domain.t1d\ in this example). 
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11) Examining whether the end part of the fully- 
qualified domain name corresponds to the sender information of 
the email, i.e. the end part of the fully-qualified domain name 
included in 'From' field. 
5 12) If they correspond to each other, the sender is 

authenticated. 

The following remark is related to Step 4: the IP address included 
in the item of the transmission information which is first entered in the email 

10 is always written in the list. 

The method discloses from which organization the email is coming 
from. The method operates even if there is in the middle a server in public 
use, for example, a server of an Internet operator, providing that this "middle 
server" writes its own 'Received' line in the email. 

15 FIG. 2A shows an operation principle of the method. The method 

is Intended for authenticating the sender of an email at the server which 
received the email. It is formed 201 in the server a list of those items ot 
transmission information which at least one server participating in the 
transmission of the email has entered in the email. Then the list is examined 

20 202 starting from an item of the transmission information entered in the email 
by a server preceding the server which received the email. The examination 
includes at least the steps shown in FIG. 2B. The examination indicates 
whether 203 the examined items of the information are reliable. If they are, 
the sender information entered in the email is determined 204 to be correct at 

25 the server received the email. 

FIG. 2B shows the examination steps of the method which are 
performed in the all embodiments of the method. This examination to be 
performed by a server which received the email is based on a list composed 
of items of transmission information of the email ('Received' field) and the 

30 sender information of the email ('From' field). The examination is started from 
the item of the transmission information entered in the email by a server 
preceding the server received the email. The examination comprises the 
following steps. In the first domain name request 206 it is fetched the fully- 
qualified domain name corresponding to the IP address entered in the item of 

35 the transmission information. In the second domain name request 207 it is 
fetched the IP address corresponding to the fetched fully-qualified domain 
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name. Then the IP address used in the first domain name request is 
compared 208 to the IP address obtained in the second domain name 
request If the compared IP addresses are the same and the item of the 
transmission information is the last one in the list 210, the domain name 
5 fetched in the first domain name request is compared 21 1 to the sender 
information of the email. The email includes the domain name related to the 
sender of the email. If the domain names correspond to 212 -each other, the 
sender information of the email is determined 204 to be correct. Thus, the 
sender information is determined to be correct when the list composed of the 

10 items of the transmission information is passed through and in the 
comparison 209 those items are verified be reliable, and in the comparison 
212 the sender information is verified be reliable/correct if the list still 
includes items not examined 210, the following item is read from the list and 
at least the steps 206-208 are performed. If the comparison 209 discloses 

15 that the IP addresses are not the same, the sender information is determined 
205 to be incorrect. 

FIG. 3 shows editing the list to be used in the examination. The 
. editing of the list means that the following step is performed between the 
steps 201 and 202 shown in FIG. 2A- Each such item of the transmission 

20 information, which a server to be found in the list of reliable IP addresses has 
entered in the email, is removed from the list by the server received the 
email. A notation made by a reliable server is trusted in such extent that the 
notation, i.e. the item of the transmission information is not examined. When 
the list including the items of the transmission information becomes shorter, 

25 also the execution time required by the method becomes shorter. For 
example, the list of reliable IP addresses can be composed of a company's 
or a community's own servers. Then all other servers are interpreted to be 
•unreliable', i.e. the items of the transmission information entered by them 
remain in the list and those items are examined according to FIG. 2A. 

30 If needed, the accuracy of the examination can be enhanced by 

the additional steps shown in FIGs 4A - 4D. The additional steps are targeted 
to the above-mentioned list that includes the items of the transmission 
information ('Received' fields). 

FIG. 4A shows the additional examination step in which the start of 

35 a domain name is examined by a heuristic method. In more detail, at the 
server which received the email a part of the fully-qualified domain name is 
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examined 401 by means of the specified heuristic method. This part remains 
when two character strings separated by a dot are removed from the end of 
the domain name which was fetched in the first domain name request 206. 
The heuristic method indicates whether the part discloses a dynamic network 
5 address or non-dynamic network address. Let us assume that according to 
the examination 401 the part, which remains when two character strings 
separated by a dot are removed from the end of the domain name, discloses 
a non-dynamic network address. If the item is the last one in the list 210 and 
the domain names compared in step 212 correspond to each other, the 

10 sender information ('From' field) is determined to be correct. Forgery or 
capture of a non-dynamic network addresses is much more difficult than the 
forgery or capture of a dynamic network addresses. Alternatively, if the part 
discloses on the basis of the examination 401 a dynamic network address, 
the item of the transmission information is determined to be 

15 incorrect/unreliable and therefore the sender information ('From' field) is 
determined to be incorrect/ unreliable 205. 

In addition or alternatively, the examination shown in 1=IG. 28 can 
be improved with the following additional step. 

FIG. 4B shows the additional examination step in which the 

20 domain name is searched in the list of captured servers. This step is 
preferably performed when the 'Reverse IP verification' is finished (FIG. 2, 
step 209). Some Internet servers transmitting emails are captured by 
unwanted parties, such as hackers. The captured servers, or in more detail, 
their domain names are entered in the lists which are generally available. 

25 Those lists can be considered to form one logical list. In FIG. 4B, at server 
which received the email, the domain name is searched 403 in the (logical) 
list of captured servers. After this, the sender information is determined 404 
to be correct, if the searched domain name is missing from the list of 
captured servers and if the domain name is the last item of the transmission 

30 information (in the list including 'Received' fields) 210 and the compared 
domain names correspond to each other 212. 

In addition or alternatively, the examination shown in FK3. 2B can 
be improved with the following additional step. 

FIG. 4C shows the additional examination step in which MX (Mail 

35 exchange) information is utilized. The MX information is stored in a domain 
name server (DNS). An item of the MX information discloses to which server 
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the emails addressed to certain domain name are to be delivered. In step 
405 the following sub-steps are performed: 1) using the fully-qualified domain 
name obtained in the first domain name request as a search key, the search 
resulting in MX (Mail eXchange) information, 2) using at least one fully- 
5 qualified domain name included in the MX information in a domain -name 
request, and some of the fully-qualified domain names included in the MX 
information resulting in the domain name request an IP address which 
corresponds to the IP address entered in the item of the transmission 
information 406, 3) determining the item of the transmission information to be 
1 0 correct. If the item of the transmission information determined to be correct is 
the last one in the list 210 and the on the basis of the comparison 211 the 
domain names correspond to each other 212, the sender information ('From' 
field) is determined to be correct. 

Alternatively, even after the step 204 an additional check utilizing 
15 MX information can be targeted to the sender information. 

In this additional check the following sub-steps are performed: 1) 
using a domain name related to the sender as a search key in a search, the 
search resulting in the MX information, 2) comparing the fully-qualified 
domain name which corresponds to the IP address entered in the Item of the 
20 transmission information to at least one fully-qualified domain name included 
in the MX information, and if the compared fully-qualified domain name 
corresponds to some fully-qualified domain name included in the MX 
information, 3) determining the sender information to be correct. 

In addition or alternatively, the examination shown in FIG. 2B can 
25 be improved with the following additional step. 

FIG. 4C shows the additional examination step in which MX (Mail 
exchange) information is utilized. The MX information is stored in a domain 
name server (DNS). An item of the MX information discloses to which server 
the emails addressed to certain domain name are to be delivered. In step 
30 405 the domain name fetched in step 206 is compared to the MX information 
obtainable through the domain name service of the Internet. If the domain 
name corresponds 406 to some item of the MX information, the item of the 
transmission information is determined to be correct. If the item of the 
transmission information is the last one in the list 210 and the domain names 
35 correspond to each other 212, the sender information ('From* field) is 
determined to be correct. 
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In addition or alternatively, the examination shown in FIG. 2B can 
be improved with the following additional step. 

FIG. 4D shows the additional examination step in which RIPE 
(Reseaux IP Europeens) database is utilized. As described above, the IP 
5 address corresponding to the fetched domain name is fetched in the second 
domain name request 207. In the additional step 407 this IP address is used 
as a search key when searching in the RIPE (WHOIS) database the owner 
organization related to the IP address. In the additional step 408 the 
information disclosing the owner organization is compared to the domain 

10 name obtained in the first domain name request 206. If the owner 
organization information corresponds 409 to the domain name, the item of 
the transmission information is reliable. Otherwise, the item of the 
transmission information is unreliable and the sender information is 
determined to be incorrect/unreliable. 

15 The method in accordance with the invention is related to a 

number of embodiments. In one embodiment the sender information of the 
email is determined to be correct only when the additional steps 401, 403, 
405, 407, and 408 shown in FIGs. 4A - 4D indicate that the all items of the 
transmission information are correct and in step 212 the domain names 

20 correspond to each other. In all other cases the sender information of the 
email is considered to be incorrect. 

In the other embodiments of the method the determination of the 
correctness of the email is performed in another way. First, the number of the 
additional steps to be performed may vary, for example, only the additional 

25 step 401 shown in FIG. 4A is performed. Secondly, the sender information 
can be determined to be correct, even if some additional step indicates that 
an item of the transmission information is incorrect. 

It is possible to attach a degree of safety to the sender information. 
The degree of safety is, for example, an integer number between 0-100 so 

30 that 0 means the sender information to be definitely incorrect and 100 means 
the sender information to be definitely correct. The degree of the security can 
be implemented, for example, by giving points so that each of the additional 
steps 401 , 403, and 405 results in 0-20 points, the additional steps 407 and 
408 result in together 0-20, and the step 212 results in 0-20 points. Then the 

35 degree of safety is the sum of the points, i.e. an integer number between 0- 
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100. It is possible to define a threshold value, for example, 80 which must be 
received in order that the sender information is determined to be correct. 

In a certain embodiment of the invention the degree of safety 
related to the sender information of an email is stored through the domain 
5 name server of the Internet in a database of the degree of safety. The degree 
of safety is stored with the domain name and the IP address of the sender to 
the database of the degree of safety. Then it is possible to perform a search 
in the database when new emails are received from the IP address of the 
sender. If the degree of safety fetched from the database with the domain 

10 name and IP address is low, it is reasonable to take a suspicious attitude to 
the received emails. 

It is also possible to attach the degree of safety to a server which 
transmitted the email. Then the degree of safety describes the 
trustworthiness of the server instead of the trustworthiness of the sender {the 

15 IP address of the sender). Then the degree of safety is increased when an 
email which is determined to be correct according to the method of the 
invention is received via the server. Correspondingly, the degree of the safety 
is degreased if the sender information of the email is determined to be 
incorrect. 

20 A certain embodiment of the method includes a step of adding a 

server to the list of reliable IP addresses when, on the basis of the degree of 
safety, the server transmits with high probability emails having correct sender 
information. In more detail, the (P address of the server is added to the list of 
reliable IP addresses, which has been discussed in FIG. 3. Then also such 

25 situation is controlled in which an email is received from outside of an 
organization, but a server locating inside the organization is adapted to 
forward the received email to a recipient locating outside of the organization. 

As a summary, the following aspects are mentioned. If needed, 
the method can be used without the additional checks shown in FIGs 4A - 

30 4D. However, if at least one of the four additional checks is used, the sender 
of an email is determined to be correct, when the following three conditions 
are true: an item of the transmission information is the last one in the list 210, 
the domain name obtained in the first domain name request includes a 
domain name related to the sender of the email 212, and at least one 

35 additional check indicates that the item of the transmission information is 
correct. As described above, at the server which received the email, it is 
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possible to attach to the sender information the degree of security that 
defines the probability of the correctness of the sender information. The 
probability is higher the greater the number of performed additional check 
has indicated an item/items of the transmission information to be correct. In 
5 addition, it is possible to store a degree of safety with the sender information 
in a database or a memory for utilizing the degree of safety later on. At the 
server which received the email the degree of safety is preferably entered in 
the header of the email. Then the recipient of the email can himself/herself 
determine whether the sender information is correct or not. 

10 A degree of safety is preferably entered in 'From' field. A degree of 

safety can also be entered in 'Reply To' field of the email. 

In addition, it is possible to enter in 'From' and/or 'Reply To* a 
degree of strength of encryption. The degree of strength of encryption is 
another subject matter that a notation indicating use of encryption (for 

15 example, \S'). The degree of strength of encryption discloses how 
strong/reliable encryption technique (or techniques) is used in the 
transmission of an email. 

In order to define a degree of strength of encryption the method 
comprises the following steps in which 'sender information' related to the 

20 received email (the 'sender information 1 is not meant the sender information 
of a reply email), Usually, each server participated in the transmission of the 
email which uses regular post server software (e.g. Postfix) enters in the 
transmission information a notation about the use of the transmission 
information and the degree of strength of encryption. This item of information 

25 is normally not visible for the recipient of an email and neither does it disclose 
the real security level of the channel used for the email transmission. 
Conversely, if the items of transmission information which are determined to 
be reliable according to the method of the invention, it is possible to check 
whether the all reliable items of the transmission include information about 

30 encryption. It is possible to find out on the basis the notations about the 
degree of strength of encryption the strength of the incoming encryption for 
example, by selecting from the items of the transmission information the 
notation corresponding to the weakest degree of encryption). In the next 
step, the domain name included in the sender information is used in an MX 

35 query to be performed through the domain name service. This MX query 
results in a set of MX servers. Next, it is established to an MX server 
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(included in the set) an SMTP (Simple Mail Transfer Protocol) test connection 
that discloses whether the MX server supports the email encryption and 
which is the degree of strength of encryption. The degree of the outcoming 
encryption can be defined by choosing the weakest degree of the degrees of 
5 strength of encryption defined through the test connections to the MX servers 
related to the domain name. The degree of the incoming traffic encryption 
and the degree of the outcoming traffic encryption are separately entered in 
the header of email or, if needed, they can be combined to one degree of 
strength describing the overall level of encryption. 
10 As a summary, the following aspects are mentioned. The method 

may enter in the header of an email (in 'From' field and/or in 'Reply To' field) 
at least one of the following notations: a) a notation of forgery disclosing that 
the sender information is determined to be incorrect, b) a notation of 
encryption disclosing that at least one encryption technique is used in the 
15 email transmission. In addition or alternatively, at least one of the following 
notations can be entered in the header of the email: c) degree of safety 
disclosing on which probability the sender information is correct, d) degree of 
strength of encryption. 

Possible dissymmetry characters related to the transmission 
20 channel can be disclosed by using 'From' field as well as 'Reply-To* field for 
notifying the above-mentioned items of information a), b), c) and/or d). For 
example, if an email has arrived in a secured transmission manner, but the 
reply email would depart in an unsecured transmission manner, a notation 
indicating encryption is entered in 'From' field and the notation indicating 
25 encryption is omitted from 'Reply To' field. 

An email application operating in a regular way is needed to 
transmit the notations a), b), c) and/or d) to the recipient of an email. When 
the recipient of the email (not the reply email) receives the email, the email 
application shows in 'From' field the text that includes the notations a), b), c) 
30 and/or d). When the email is replied, i.e. the reply email is sent, the email 
application operating in the regular way extracts a character string from 
'Reply To' field to be used as the reply address. When the end of this 
character string includes the notations a), b), c) and/or d), those notations are 
transmitted to a sender of the reply email. In more detail, the sender of the 
35 reply email sees the notations in To' field of the reply email. On the basis of 
the notations the sender of the email can ascertain the correctness of the 



WO 2006/134226 



PCTYF12O06/0S0251 



20 



recipient address and the transmission manner of the email. For example, if 
the email has arrived in a secured manner, but the reply email is going to 
depart in an unsecured way, the sender of the reply email is informed about 
this before sending the reply email. Then he/she can take into account this 
5 subject matter when considering the content of the reply email. The pure 
encryption of an email does create security, but the security is closely related 
to the correctness of recipient addresses (for example, the security is not 
created, if a well encrypted email is sent to an entirely wrong organization). 

In addition to the method, the invention comprises a server for 

10 authenticating the sender of an email and notifying the exchange information 
of the email. The server is adapted to perform the steps of the method 
described above. 

FIG. 5 shows a server in accordance with the invention. The 
server 501 is intended for authenticating the sender of an email 502. The 

15 server 501 receiving the email 502 includes means 503 for forming a list of 
those items of the transmission information which at least one server 
participated in the transmission of the email has entered in the email. In 
addition, the server 501 includes at least means for examining 505 and 
means for IP comparison 506. The method handles the list 504 with the 

20 means for examining 505 by starting from an item of the transmission 
information entered in the email by a server preceding the server received 
the email. The means for IP comparison 506 are used in handling the list. 
These means are adapted: a) to receive from the means for examining 505 
an item of the transmission information, b) to fetch in a first domain name 

25 request a fully-qualified domain name corresponding to an IP address 
entered in the item of the transmission information, c) to fetch in a second 
domain name request an IP address corresponding to the fully-qualified 
domain name, d) to compare the IP address used in the first domain name 
request to the IP address obtained in the second domain name request, and 

30 when the compared IP addresses are the same e) to return the domain name 
to the means for examining 505. The means for examining 505 are adapted: 
f) to read a domain name related to the sender of the email, g) to compare 
the read domain name to the domain name returned by the means for IP 
comparison, and h) to determine the sender information to be correct when 

35 the compared domain names correspond to each other. 



WO 2006/134226 



PCT/FI2006/050251 



21 



Thus, the server in accordance with the invention includes at least 
the means 503, 505, and 506. In addition to these, the server 501 may 
include other means, and the means for examining 505 may be adapted to 
perform other actions than the above-mentioned actions f), g) and h). 
5 In order to speed up the handling of the list 504 the means for 

examining 505 are preferably adapted to remove from the list each such item 
of the transmission information which a server to be found in a list of reliable 
IP addresses has entered in the email. Then the list become shorter and the 
means for IP comparison 506 needs to be used less than before. 

10 The server 501 may further include means for heuristics 507. 

These means are adapted to consider by using a heuristic method such a 
part of the domain name which remains when the last two character strings 
separated by a dot are removed from the end of the fully-qualified domain 
name. The means for IP comparison 506 fetched this fully-qualified domain 

15 name in the second domain name request. 

If the server 501 includes the means for heuristics 507, the means 
for examining 505 are adapted to determine the sender information of the 
email 502 to be correct when the means for heuristics indicate that it is a 
non-dynamic network address. 

20 If needed, the examining means 505 are further adapted search 

the domain name returned by the means for IP comparison 506 in a list of 
captured servers. Usually, the sender information of an email is determined 
to be correct only when each searched domain name is missing from the list 
of captured servers. 

25 The examining means 505 are further adapted to perform the 

following actions: 1 ) to use the fully-qualified domain name obtained in the 
first domain name request as a search key, the search resulting in MX 
information, 2) to use at least one fully-qualified domain name included in the 
MX information in a domain name request, and 3) to determine the item of 

30 the transmission information to be correct, if some fully-qualified domain 
name included in the MX information results in the domain name request an 
IP address that corresponds to the IP address entered in the item of the 
transmission information. 

If needed, relating to the additional check of the sender 

35 information, the examining means 505 are adapted to perform the following 
actions: 1) to use the domain name related to the sender information as a 
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search key in a search, the search resulting in MX information, 2) to compare 
the fully-qualified domain name which corresponds to the IP address entered 
in the item of the transmission information to at least one fully-qualified 
domain name included in the MX information, and 3) to determine the sender 
5 information to be correct, if the compared fully-qualified domain name 
corresponds to some domain name included in the MX information. 

Relating to the additional check of the sender information the 
examining means 505 are further adapted to use in the IP address obtained 
in the second name server request as a search key when fetching 

10 information about an owner organization from the RIPE database and after 
that to compare the owner organization information obtained in the data base 
query to the domain name obtained in the first domain name request 

The server 501 preferably includes notation means 508 which are 
adapted to enter in the header information of the email at least one of the 

15 following notations: a) a notation of faulty indicating that the server has 
determined the sender infonnation to be incorrect, b) a notation of encryption 
indicating that at least one encryption technique has been used when the 
email was transmitted through the Internet, c) a degree of safety disclosing in 
which probability the sender information is correct, or d) a degree of strength 

20 disclosing how strong encryption method is used in the transmission of the 
email. These notations are entered in the email which is transmitted by the 
server and which has the same content (the text and/or attachment files) as 
the email 502 received by the server. 

In addition to the above-mentioned examples, there are other 

25 ways to implement the method and server in accordance with the invention. 
However, these ways are obvious for a person skilled in the art on the basis 
of his/her professional ability and the instructions obtainable from this patent 
application. 

The invention is defined in the attached patent claims concerning 
30 the method and the server. 
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Claims 

1. A Method for authenticating a sender of an email, the method 
being characterized in that at a server received the email 

forming a list of items of transmission information which at least 
5 one server participating a transmission of the email has entered in the email, 
examining the list starting from an item of the transmission 
information entered in the email by a server preceding the server received 
the email, the examination comprising the steps of 

fetching in a first domain name request a fully- 
10 qualified domain name corresponding to an IP address 

entered in the item of the transmission information, 

fetching in a second domain name request an IP 
address corresponding to the fully-qualified domain name, 

comparing the IP address used in the first domain 
15 name request to the IP address obtained in the second 

domain name request, and when the compared IP addresses 
are the same 

examining the next item of the transmission 
information, 

20 when the item of the transmission information is 

the last item in the list, 

comparing said fully-qualified domain name to a 

sender information of the email which includes a domain 

name related to a sender of the email, and 
25 determining the sender information to be correct 

when the compared domain names correspond to each 

other. 

2. The method as in claim 1 characterized in that before 
the examination 

30 removing from the list each such item of the transmission 

information which a server to be found in a list of reliable IP addresses has 
entered in the email. 

3. The method as in claim 1 characterized in that the 
method includes a first additional check in which 

35 considering by means of a heuristic method such a part of the 

domain name fetched in the second domain name request which remains 
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when the last two character strings separated by a dot are removed from the 
end of the domain name, the heuristic method finding out whether said part 
discloses a dynamic network address or a non-dynamic network address, 
and when said address discloses the non-dynamic network address 
5 determining the item of the transmission information to be correct. 

4. The method as in claim 1 characterized in that the 
method includes a second additional check in which 

searching a domain name in a list of captured servers and the 
domain name missing from the list of captured servers, 
1 0 determining the item of the transmission information to be correct. 

5. The method as in claim 1 characterized in that the 
method includes a third additional check in which 

using the fully-qualified domain name obtained in the first domain 
name request as a search key, the search resulting in MX (Mail exchange) 
15 information, 

using at least one fully-qualified domain name included in the MX 
information in a domain name request, 

and some of the fully-qualified domain names included in the MX 
information resulting in the domain name request an IP address which 
20 corresponds to the IP address entered in the item of the transmission 
information 

determining the item of the transmission information to be correct. 

6. The method as in claim 1 characterized in that the 
method includes an additional check targeted to the sender information in 

25 which 

using a domain name related to the sender as a search key in a 
search, the search resulting in MX information, 

comparing the fully-qualified domain name which corresponds to 
the IP address entered in the item of the transmission information to at least 
30 one fully-qualified domain name included in the MX information, 

and if the compared fully-qualified domain name corresponds to 
some fully-qualified domain name included in the MX information, 

determining the sender information to be correct. 



35 
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7. The method as in claim 1 characterized in that the 
method includes a fourth additional check in which 

using in the IP address obtained in the second name server 
request as a search key when fetching owner organization information from a 
5 RIPE database (RIPE WHOIS database), 

comparing the owner organization information obtained in the 
database query to the domain name obtained in the first domain name 
request and when the domain names correspond to each other 

determining the item of the transmission information to -be correct. 
10 8. The method as in claims 1-7 characterized in that 

determining in the method the item of the transmission information to be 
correct when the following conditions are true: a) the item of the transmission 
information is the last item of the transmission information, b) the domain 
name obtained in the first domain name request related to the item of the 
15 transmission information includes a domain name related to the sender of the 
. email, and c) at least one performed additional check indicates that the item 
of the transmission information is correct. 

9. The method as in claims 1-7 characterized in that a 
degree of safety describing a probability of correctness of the Rem of the 

20 transmission information is added at the server to the sender information, the 
probability being higher, the greater number of performed additional checks 
indicates the item/items of the transmission information to be correct. 

10. The method as in claim 9 characterised in that at the 
server received the email 

25 storing the degree of safety with the sender information in a 

memory. 

11. The method as in claim 9 characterized in that at any 
server receiving the email 

entering the degree of safety to the header information of the 

30 email 

1 2. The method as in claim 1 characterized in that at any 
server receiving the email 

entering to the header information of the email at least one of the 
following notations: a notation of faulty indicating that the sender information 
35 has been determined to be incorrect, a notation of encryption indicating that 



WO 2006/134226 



PCT/FI2006/050251 



26 



at least one encryption technique has been used when the email was 
transmitted through the Internet 

13. The method as in claim 1 characterized in that the 
method includes following steps to be performed at any server receiving the 

5 email 

using a domain name related to the sender information in an MX- 
query to be performed through the domain name service, the MX query 
resulting in a set of MX servers, 

establishing an SMTP connection to -each MX server included in 
10 the set, the SMTP connection disclosing whether the MX server supports 
encryption of email and when at least one MX server supports the -encryption 
of email 

entering in the header information of the email a degree of 
encryption indicating how strong encryption technique is usable for a reply 
1 5 message of the email. 

14. A server for authenticating a sender of an email 
characterized in that a server includes 

means for forming a list of those items of transmission information 
which at least one server participated in a transmission of the email has 
20 entered in the email received by the server, 

means for examining the list by starting from an item of the 
transmission information entered in the email by a server preceding the 
server that received the email, 

means for IP comparison which are adapted 
25 to receive from said means for examining an item 

of the transmission information, 

to fetch in a first domain name request a fully- 
qualified domain name corresponding to an IP address 
entered in the item of the transmission information, 
30 to fetch in a second domain name request an IP 

address corresponding to the fully-qualified domain name, 

to compare the IP address used in the first domain 
name request to the IP address obtained in the second 
domain name request, and when the compared IP addresses 
35 are the same, 
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to return the domain name to said means for 
examining, 

said means for examining being adapted to 

read a domain name related to the sender of the 

5 email, 

examining the next item of the transmission 
information, 

and in an association with the test item in the list 
composed of the items of the transmission information 
10 to compare the read domain name to the domain 

name returned by the means for IP comparison and 

to determine the sender information to be correct 
when the compared domain names corresponds to each 
other. 

15 15. The server as in claim 14 characterized in that -the 

means for examining are further adapted 

to remove from the list each such item of the transmission 
information which a server to be found in a list of reliable IP addresses has 
entered in the email. 

20 16. The server as in claim 14 characterized in that the 

server further includes means for heuristics which are adapted 

to consider by means of a heuristic method such a part of domain 
name fetched in the second domain name request which remains when the 
last two character strings separated by a dot are removed from the end of the 

25 domain name, the heuristic method finding out whether said part discloses a 
dynamic network address or a non-dynamic network address. 

17. The server as in claim 16 characterized in that the 
means for examining are further adapted 

to determine the sender information to be correct when the 
30 examination performed by the means for heuristics indicates that said part 
discloses the non-dynamic network address. 

18. The server as in claim 14 characterized in that the 
examining means are further adapted search the domain name in a list of 
captured servers. 

35 19. The server as in claim 14 characterized in that the 

examining means are further adapted: 
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to use the fully-qualified domain name obtained in the first domain 
name request as a search key, the search resulting in MX information, 

to use at least one fully-qualified domain name included in the MX 
information in a domain name request, and 
5 to determine the item of the transmission information to be correct, 

if some fully-qualified domain name included in the MX information results in 
the domain name request an IP address that corresponds to the IP address 
entered in the item of the transmission information. 

20. The server as in claim 14 characterized in that the 
1 0 examining means are further adapted: 

to use the domain name related to the sender information as a 
search key in a search, the search resulting in MX information, 

to compare the fully-qualified domain name which corresponds to 
the IP address entered in the item of the transmission information to at least 
15 one fully-qualified domain name included in the MX information, and 

to determine the sender information to be correct, if the compared 
fully-qualified domain name corresponds to some domain name included in 
the MX information. 

21. The server as in claim 14 characterized in that the 
20 examining means are further adapted 

to use in the IP address obtained in the second name server 
request as a search key when fetching owner organization information from a 
RIPE database (RIPE WHOIS database) and 

to compare the owner organization information obtained in the 
25 database query to the domain name obtained in the first domain name 
request. 

22. The server as in claim 14 characterized in that the 
server further includes notation means which are adapted 

to enter in header information of the email at least one of the 
30 following notations: a) a notation of faulty indicating that the server has 
determined the sender information to be incorrect, b) a notation of encryption 
indicating that at least one encryption technique has been used when the 
email was transmitted through the Internet, c) a degree of safety disclosing in 
which probability the sender information is correct, or d) a degree of strength 
35 disclosing how strong encryption method is used in the transmission of the 
email. 
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